Open Source Software: Secure Delete Options

PRNG is pseudo-random number generator. This is an algorithm that generates sequences of numbers with no discernible pattern, but as it is very difficult to generate a truly random sequence, the fine brainiacs who invented it call it "pseudo-random." PRNG algorithms are used in cryptography, because (theoretically) patterns could be detected and used to decrypt your secret stuff.

DBAN supports two PRNG algorithms: Mersenne Twister and ISAAC (indirection, shift, accumulate, add, and count). I shall leave it as your homework to learn the finer details of these, if you are so inclined; both are strong, and ISAAC is the fastest.

Method offers some meaningful erase options. The Quick Erase method overwrites your hard disk with a single pass of zeroes. This is not all that secure, and a moderately-skilled person could recover your data. Quick Erase is a good choice when you want to prepare a disk for re-use, and want to ensure that it is completely blanked before you install new software on it.

The remaining methods are all very strong:

RCMP (Royal Canadian Mounted Police) TSSIT OPS-II

DoD (U.S. Department of Defense) Short

DoD 5220.22-M

Gutmann Wipe

PRNG Stream

The first three are rated as medium, Gutmann Wipe is very strong, and PRNG Stream is the strongest. In real life any of them will render your data unrecoverable. You might as well stick with PRNG Stream; why not use the strongest available? It doesn't cost you anything extra.

The Verify option checks to make sure your hard disk is really empty. "Verify Last Pass" only checks on the last run, while "Verify All Passes" checks after every run. This ensures that hardware caches are flushed, but it takes a lot longer. DBAN takes a long time no matter what, so go ahead and choose the most secure options, make it go, and then leave it alone until the next morning.

Rounds determines how many times your chosen wipe method runs. All methods except Quick Erase run multiple times, so you might as well leave this set at one.

When you have selected all of your options, press F10. DBAN shows progress, throughput, errors, runtime, and time remaining.

And that's pretty much all there is to it. DBAN is fast and easy to get it going, and then you just go away and do something else while it works. When it's finished, you'll get an ad for Blancco, which offers good commercial secure delete products for mobile devices, PCs and servers. DBAN is free of cost and open source.

Erase Files Securely

What if you want to securely delete files on your computer without wiping your whole drive? No problem: there are good, free tools for that, too. Windows users can use Eraser. It's open source, free of cost, and it's easy to use. You can install it on your Windows PC or server, or you can get the portable version to run from a USB stick.

Linux users have good command-line tools like srm, or secure remove. This comes in the secure-delete software package. It's not as convenient as a nice graphical deletion tool, but it gets the job done.

You can securely delete a single file like this: $ srm sensitive-file.txt

You can delete an entire folder of documents this way: $ srm -r sensitive-folder.txt

It takes longer than an ordinary delete command, but when it's gone it is completely gone.

What about Mac OS X users? You already have the excellent Secure Empty Trash built-in, which securely deletes the contents of your Trash folder.

Carla Schroder is the author of The Book of Audacity, Linux Cookbook, Linux Networking Cookbook,and hundreds of Linux how-to articles. She's the former managing editor of Linux Planet and Linux Today.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!